Feed on
Posts
Comments

I noticed this article at Lifehacker today about how much data today’s photocopiers retain.  It may seem like sensationalist journalism but it’s actually quite interesting and worrisome.  People are growing accustomed to the idea of securing personal data, not giving out account number via email, using passwords, that sort of thing, but one doesn’t usually think of a photocopier or printer as something that may store your document indefinitely.  (Previous news stories note how old flash drives can be a vector for sensitive data leakage.)

What’s also very interesting is the aftermarket trade in all this.  As others point out, articles like this are not how criminals learn of such things – I’m sure there’s outfits out there buying up old printers, copiers or just the raw drives themselves, selectively, simply to vacuum useful info from them.

Why encryption and wipe-on-completion isn’t mandated is a mystery to me.  An exec suggested it’s a $500 add-on for one company’s products, but to me it should be a fundamental part of the product’s design!  Is it so hard to at least write a routine that overwrites a used/deleted file?  Not at all!  A big, fat “factory wipe” option loudly proclaimed in the manual?  A fraction of a cent’s worth of ink.

Note: encryption would be a good thing, but doing it right would add to hardware and design costs – otherwise the keys (being locally stored) are not much more secure than the data.  It’s far simpler to implement wipe-after-use and wipe-nightly.

See also the CBS video of this:

Update 1: This procedure works on the zxing-1.4.zip source base.  I’m trying to figure out why it doesn’t want to work easily with the most current SVN code (e.g., rev 1217 or 1220).  I thought it was just some preloading weirdness that caused the Java Stack Overflow errors, then I thought it was Subversion related, but now… now I’m not sure what’s going on but I’ll let you know if I figure it out.


Update 2: Eclipse does NOT like the new version of /android/default.properties at all.  After you create the project folders but before you try creating the project in Eclipse, edit /android/default.properties and change

target=android-4

to

target=Google Inc.:Google APIs:4

That seems to prevent the whole Stack Overflow problem.  I’m not sure why this changed or what the more correct thing to do it but there’s some apparently relevant discussion here. Curiously, despite my reversion of this change I do not see any problem in my test builds here, whether in Eclipse or when using the command-line build as outlined previously.


Update 3: If you comment out the target= line in that file entirely (using “#”) the problem also goes away – be sure to select an SDK level >= 4 though.  Eclipse still forces you to select a Google APIs target, but if you double-click one of the “un-selectable” Android targets (click the text NOT the checkbox!) just right it’ll apparently take the setting and work OK.  Who knows if that works in general – probably not. With an Android target launching the AVD also goes much more smoothly!

Question is, what is it that makes Eclipse insist this is an APIs project when default.properties is not giving it any hints? Or is it a quirk of the SDK? What triggers this, and is it more readily resolved than by doing this?


Update 4: Last update for tonight. Once a project is in Eclipse you can go to Properties -> Android for that project and select a suitable Android target.  As long as you don’t have dependencies on Google APIs it should be fine.  If you /android/AndroidManifest.xml and remove the android:minSdkVersion setting that problem goes away as well (again, select Android 1.6 SDK level 4 to ensure proper operation).

Either it’s Eclipse 3.5.1 or the ADT plugin that’s messing up here.  Regardless, it doesn’t seem to be any flaw in ZXing.  It’s rather annoying to see Eclipse acting like this… are other people seeing this sort of bug?

To summarize: to avoid all these painful problems just plain remove default.properties and edit AndroidManifest.xml before you create a new Eclipse project based on the latest source.  Ensure you select Android 1.6 SDK level 4 for best results.

Also, when you run the app it’s best to just start the AVD first, wiping user data, (or at least uninstalling the old version of your app) and being at the home screen before you “Run As”.  Otherwise, the app’s display ends up rather funky.

Finally, “Build Automatically” may be more trouble than it’s worth, at least for a larger project such as this.  Consider this if your head starts making dents in the wall as you struggle to make sense of Eclipse’s random “out of memory” errors. :-)


In my previous post I referred to a Knol that tells you how to build ZXing for Android (the Barcode Scanner) using the Eclipse IDE.  There are pros and cons to doing this, given that ZXing is normally built from the command line using Ant (and during that build it is optimized using Proguard).

However, my goal is to learn more about Android programming in general and to make it even more interesting, I’m doing it from Windows.  Having the project working in an IDE is preferable for me when it comes to unraveling functional connections and learning how a (quite useful!) Android app is put together.

Continue Reading »

Well, that was fast!  I decided to give Subversion a whirl with the ZXing codebase before signing off for the night… and I apparently chose well when I selected TortoiseSVN as my Subversion client for Windows!

It went very smoothly! Here’s the details:

Continue Reading »

Updated based on feedback from the ZXing team.

Tonight I decided to try my hand again at building an Android app – this time, one that should in theory be easy and yet feature-rich enough to learn from.  It was far from the simple experiment it ought to have been, so I’m sharing my experience to hopefully save you the reader some time if you try this yourself!

ZXing is the heart of the Barcode Scanner app for Android.  It’s nifty though it doesn’t take full advantage of my Droid’s camera resolution and there are some other tricks I’d like to see it do (such as activate the flash for improved lighting, replacing the constant autofocus with a forced focus, and perhaps adding some decoding protocols that aren’t supported in the Droid build of this, at least as of Barcode Scanner v3.1).  My main goal was to simply rebuild the app for the Android target via a Windows host, then play around with the code to learn more about Android coding.

Continue Reading »

I’ve been fiddling with making bootable flash drives lately, via UBCD4Win for the most part.  It’s actually come in handy a few times in the last month alone and the new v3.50 just came out today!  In the course of this I’ve learned a couple of useful things that might be worthwhile to others working on this.

Continue Reading »

I got an alarming popup from Windows Defender tonight: it had detected Win32/PossibleHostsFileHijack in the C:\Windows\System32\drivers\etc\hosts file.  That’s pretty worrisome and unexpected!  I looked at the file but it seemed uninteresting.  The only non-comment entries were:

127.0.0.1       localhost
::1             localhost

I made a backup of the file, then I let Defender “clean” it.  OK… it only removed the 127.0.0.1 line (in red above).  Weird: that’s a pretty standard setting and it doesn’t seem like it should be going anywhere.

I searched around for this and found this thread on the matter.  I then used Windows update to get the latest version of the Defender database (it was last checked about 18 hours ago) and reverted the “fix” Defender had made (in Vista you must edit the hosts file with an editor running in Admin mode… as always be careful!)  Sure enough, it found and installed a newer version and a re-scan of the hosts file showed… no problems whatsoever.  Apparently one of Monday’s Defender definition updates might have had a bug in it.

Note: This is NOT to imply this is always a false alarm!  But if the only line that was removed is the standard localhost address as above, update Defender and re-scan.  This “problem” may not be a problem after all.

Now, I wonder how many people screwed up their hosts file today by letting this rather ubiquitous setting get removed?  I can imagine there are some apps that’ll be unhappy not to find a localhost route.  If this post helped you avoid some fun config headaches later please drop a quick comment.

Update: more info at this site about this issue.

I recently upgraded to Windows Vista Business (SP1) from WinXP Pro.  It went relatively well but I was annoyed today when any attempt to use Netflix’s “Watch Instantly” feature from IE 7 caused it to crash! (the “Indiv01.key” error).

I did some searching… turns out there are lots of complaints out there about this sort of issue, but almost nobody posted the correct way to fix it when Vista SP1 and WMP11 are involved.  Most solutions revolved around WMP10 or earlier.  The problem is, for some bizarre reason you can’t manage your licenses in WMP11 (there is no menu item for it and apparently all backup/restore functionality is gone!)  Why?  I have no idea.  Glad I don’t depend on it for anything else!

I uninstalled and reinstalled Netflix… didn’t help.  Lots of suggestions out there to downgrade WMP11 to 10 or such, but those are fraught with caveats.  Reinstall Vista?  Right!  When my furnace won’t work I don’t repaint the living room and redecorate the bedrooms… why should one rebuild the whole system for an isolated failure?  Besides, apparently that doesn’t help either.

Finally, I stumbled across a useful answer! Close IE and run the following command.  CAVEAT: supposedly it resets ALL your DRM license info… beware!  That wasn’t a concern for me (I’m wary of buying any DRM-wrapped media that could evaporate on a whim) but it could be an issue for you.  The command is:

C:\Program Files\Netflix\Netflix Movie Viewer\ResetDRM.exe

After a couple of warning windows (read them carefully!) it completed.  I reopened IE, clicked play on a Netflix movie and instead of crashing it notified me it needed to update something in WMP (as it had done long ago in XP).  I let it, and after that it works like a charm!

Well, almost… looks like it’ll complain about getting a license every time you use it (because of IE’s “protected mode”?  I dunno but I don’t feel safe to disable it).  It seems to work after a prompt, but it makes me think it’ll eventually fail again.

Was all this work worth it though? We’ll see… I don’t trust that it’ll be reliable and if it wasn’t free as part of my Netflix membership I would be very hesitant to use this at all – especially when such DRM “rights” could suddenly disappear tomorrow or, as we see here, every time you use it.  DRM is nothing but a nightmare and apparently it’s only getting worse.  I’d go to Blu-Ray but I don’t want any “Surprise!  DRM doesn’t like your big new monitor!” problems (also reported, which HDCP compatibility supposedly helps but it’s a “gotcha!” I don’t care to risk right now).

References:

http://www.annoyances.org/exec/forum/winvista/t1201447823

Blog #2: The Quickening

Ok, not-so-quick considering the time since I wrote the last one.

What all does one write on a blog that’s purposely sanitized so it won’t offend past, present or future employers? Something intended to be neutral and unassuming? Frankly not a heck of a lot.

*Sigh*

Hmm… I got my domain here about 8 years ago and as far as web things go I’ve not done a thing with it. I wonder if there’s some sort of award for having the oldest “Under Construction” page? :-D